I have an authenticated Blazor WebAssembly application whereby I nee to add in the ability to show and download files that contain sensitive information and so cannot be added to a public URL.
I have tried the using Toolbelt.Blazor.HttpClientInterceptor, to intercept and add the JWT to the header. But his does not intercept call made via src attributes in img or iframe tags.
I have also tried using System.Net.Http.HttpClient, manually adding in the JWT token to the header and tsetting the img or iframe src through the razor.cs however this seems to slow down blazors responsiveness considerable when loading (even though it is done through async/await).
I also want to be able to add in download links to files, for which I am not sure how to achieve this with httpclient?
From reading the following link;
Token-Based Authentication Image URLS
The recommended way is to create an anonymous endpoint for access with a GUID. However, I am unsure how I would generate the GUID safely and check it validity? Are there any nuget packages that help with this type of situation?
